Access Hulu And Other Blocked Services Using Squid

One of the perennial challenges for Australian TV enthusiasts is finding a way to use Hulu and other geo-blocked streaming services. Here's how Lifehacker reader Luke Carbis solved the problem.

I realise that you've featured Pandora and Hulu access from overseas on your site before, but this way hasn't really been done before. The beauty of it is that once you've got it set up, you don't have to look at it or think about it ever again!

  • A server in the US (I use Slicehost, but any US server will do)
  • SSH access to said server

The premise

We're going to set up the U.S. server to run a proxy (alongside Apache, because my server is a web server, too). Then we're going to tell our computer to use that proxy for the web, but only if the URL is pandora.com or hulu.com.

Step 1: Install Squid

Squid is a fully-featured HTTP/1.0 proxy. Log into your server via SSH, and install it by using this command:

sudo aptitude install squid squid-common

Step 2: Edit the Squid config file

You can edit the file using vi or nano while you're in the SSH environment like this:

sudo vi /etc/squid/squid.conf

Or you can just use FTP. The file you want is located at /etc/squid/squid.conf.

Now there's two things that we need Squid to do, which we specify using this file.

1. Authenticate the user by checking their IP, and 2. Use port 8080 so we don't have any Apache conflicts

You can download my squid.conf file here. Change lines 603-606 to allow your own IP addresses (instead of the two IP addresses I use).

Step 3: Restart Squid

First, correct your permissions with:

sudo chown -R proxy:proxy /var/log/squid/ sudo chown proxy:proxy /etc/squid/squid.conf

And then restart with:

sudo /etc/init.d/squid restart

Step 4: Set up your proxy settings

Sounds easier than it actually is. It's not as simple as using http://your-server.com:8080, because we only want to use that as a proxy if the URL is something specific (pandora.com). Instead we need to create a custom .pac file with our specific proxy settings.

So, create a .pac file (it's just plain text), and save it with the following:

function FindProxyForURL(url, host) { // variable strings to return var proxy_yes = "PROXY your-server.com:8080"; var proxy_no = "DIRECT"; if (shExpMatch(url, "http://www.pandora.com*")) { return proxy_yes; } if (shExpMatch(url, "*pandora.com*")) { return proxy_yes; } if (shExpMatch(url, "http://www.hulu.com*")) { return proxy_yes; } if (shExpMatch(url, "*hulu.com*")) { return proxy_yes; } // Proxy anything else return proxy_no; }

You can save this to your hard drive for use, or you can upload it to your server and link to it that way. If you have multiple machines using this file, I would recommend the latter so you can easily update the proxy settings for all of them if you need to.

On a Mac, you can tell your computer to use this file for it's proxy settings by opening System Preferences, clicking Advanced, clicking on the proxies tab, choosing Automatic Proxy Configuration, and entering the URL there (or choosing a file on your hard drive). I'm sure you can do it on Windows too, but I'm not sure how (you'll figure it out, I'm sure).

Once those settings are saved you should be good to go. Enjoy Pandora and Hulu from Australia without having to open a special program or change your network settings!

Thanks Luke!


Comments

    This article is obviously not for Joe Average. Because you know, i just have US based servers i pay money for laying around waiting to be used for this purpose.

      Yeah, same here. Half this article may as well have been written in Chinese.

    Step 4 does NOT make any sense.

    Where do you put the .pac file, and then what?

    Rubbish instructions.

    Does this mean that any video or music that you are streaming from hulu and pandora is being charged to your webhost account?

    @ Not Joe - I totally agree.
    @ David Khoo - Yes, that would be the case

    I did actually try something like this myself once, but didn't manage to get it working. And even if I had, I suspect my hosting company wouldn't have been too pleased when they saw the bandwidth being consumed.

    Does this actually work? Under Windows anyway I thought that Flash tended to ignore your proxy settings.
    You could do something similar with Putty's SSH Tunneling and SocksCap under Windows, which also ensures that your Flash traffic does indeed get proxied (and requires much less messing about on your own server)

    I have found using Hotspot shield and opera allows me to access hulu

      Well hotspot shield has a bandwidth limit of only 5gb a month. That is not nearly enough for watching hulu.

    LM

    Lots of apps support .PAC files as a means of automating proxy configurations. Take a look at IE proxy settings...

    As others have pointed out there are better / more efficient / cheaper ways to accomplish the same thing (like use an anonymiser network instead of hosting your own server, using a proxy switcher like FoxyProxy instead of a PAC file, use an SSH tunnel instead of having a whole Squid config etc.).

    This however is an very good approach if you want ALL clients on a network to be able to use US services without each individual user having to know what they are doing and having to run additional software before they can access the service (i.e. it's 'mum proof' as I say).

    Only thing I would add is if you're setting this up then go the whole hog and consider using WPAD. That way even visitors to your network can access the services without manually configuring up the pac file.

    ... And finally (can't stop now I've started) if your aim is for access to actually be completely seamless from a client perspective then it's better to just configure your network so your gateway server determines what traffic goes via your proxy rather than a pac. This way you can route traffic from devices other than just browsers allowing things like web radios (e.q. Logitech Duet etc.) to access Pandora from within Oz which is a real boon. At least it is to me.

    What's the point of posting articles if you hope that readers are into correcting the original author. Plus, errant porting methods like the above, will only piss off the US host service.

    Is it just me or this actually doesn't work?

    I've done all steps, but I still get denied... trying foxyproxy, I can access fine...

      It's been working for me (in France), but suddenly it stopped today. I've tried restarting squid, deleting the cache file. Even added in the lines:

      acl netflix dstdomain .netflix.com
      no_cache deny netflix

      to my squid.conf file. Maybe it's just me, but i thought I would report this in case it's a new development.

        Okay, here's the deal:

        Hulu and Netflix are getting wise to this trick.

        There are a few other settings you need to configure on Squid. Basically, squid still announces itself by default, so you need to disable some headers in your squid.conf file:

        follow_x_forwarded_for deny all
        via off
        forwarded_for off

          hey Alexander,

          I've been trying to set up my squid to stream nbc/hulu/netflix as well but it seemingly doesn't let me even after i put in your settings.

          could you send me a copy of your squid.conf?

    Anybody have any luck with this lately?
    I'm using squid with the following options set:
    follow_x_forwarded_for deny all
    via off
    forwarded_for off

    Hulu plays the first few seconds of a commercial and then stops, saying:

    "Sorry, we are unable to stream this video. Please chack you internet connection and try again."

    Just get a pptp account from a company like witopia or strongvpn and you're ready to go.

Join the discussion!

Trending Stories Right Now